Favorite Schools

Favorite Teams

Local banks, credit unions reissued cards, but haven't joined lawsuit against Target

Target Data Breach

Shoppers arrive at a Target store in Los Angeles on Thursday, Dec. 19, 2013. Target says that about 40 million credit and debit card accounts may have been affected by a data breach that occurred just as the holiday shopping season shifted into high gear. (AP Photo/Damian Dovarganes)
(AP Photo/Damian Dovarganes, file)

The federal lawsuit filed Friday by the First Choice Federal Credit Union in New Castle seeks class action status, claiming there will be far in excess of the 100 victims and $5 million in damages needed to justify a class action under federal law once other financial institutions come forward. The Pennsylvania credit union is located about 45 miles northwest of Pittsburgh.

“Reissuing cards is a way to protect our members from fraud. Since PSECU reissued so quickly after the notification of the breach, we likely prevented significantly more members from being negatively impacted,” Delmonico said.

Metro Bank has not joined the lawsuit either, but did reissue about 14,000 cards, said Vicki Chieppa, senior vice president of bank operations.

Because Metro acted quickly to notify customers whose cards were potentially impacted, she said very few cases of fraud have been reported – about $4,000 worth.

Fulton Bank is not planning to take any legal action to recoup costs relating to the Target case, said spokeswoman Laura Wakely. Instead, she said Fulton is focusing on improving technology and securing its systems to outsmart those trying to commit fraud.

Fulton did not reissue all cards affected by the Target breach because it had just completed an upgrade of its fraud detection systems over the past year. But the affected cards are subject to increased monitoring, Wakely said.

Of the cards involved in the Target breach, Wakely said Fulton has not seen a higher level of fraud reports than among other cards it has issued.

PNC Bank doesn’t comment on legal matters, said spokeswoman Marcey Zwiebel. But PNC has told its customers they don’t need to replace their cards unless they have seen fraudulent activity on their account.

“We are working individually with customers who have detected unauthorized charges and we have replaced some cards, but we are not sharing the number,” she said.

Belco Community Credit Union hasn’t joined the lawsuit, but is keeping its options open, said spokesman David Forbes.

Belco reissued about 1,700 cards around Jan. 10 to members whose Visa cards were used at Target during the breach period, and told them to change their pins, Forbes said.

“We did not have any reported instances of fraud,” Forbes said, adding the measure was taken as a precaution.

“I’m sure everyone is being proactive in trying to manage this,” Forbes said of other financial institutions. “It’s certainly cheaper to reissue cards than deal with losses on the other side and try to get money back for the members,” he said.

The lawsuit doesn't say how much the credit union has spent to reissue its customer cards and take related precautions, and attorneys for the credit union didn't immediately return calls for comment Monday.

A Target spokeswoman repeated the Minneapolis-based chain's assurances that customers aren't liable for any fraudulent purchases.

"They need to continue to watch their accounts and promptly report any fraud to their issuing bank," spokeswoman Molly Snyder said. "I can't speak to the reimbursement process as that is between Target and the banks."

Snyder declined to comment specifically on the lawsuit, which was filed electronically in U.S. District Court in Pittsburgh.

Target has said hackers stole about 40 million debit and credit card numbers and the personal information, including names, email addresses, phone numbers and home addresses of as many as 70 million customers.

Banks, credit unions and other entities that issued debit and credit cards have borne the expense of canceling and reissuing cards, closing transactions or accounts, refunding or crediting cardholders for unauthorized transactions, and notifying customers of the Target data breach in the first place.

But according to the lawsuit, Target should be responsible because the company allegedly stored and maintained data from the magnetic stripe on customers' cards for longer than 48 hours before the data was stolen. The 48-hour limit is imposed by Minnesota law.

The lawsuit seeks unspecified monetary damages, attorney's fees, and a finding by the court that Target violated Minnesota law by maintaining customer account information longer than 48 hours, among other damages and remedies.

Related Stories

Featured Story

Get 'Today's Front Page' in your inbox

This newsletter is sent every morning at 6 a.m. and includes the morning's top stories, a full list of obituaries, links to comics and puzzles and the most recent news, sports and entertainment headlines.

optionalCheck here if you do not want to receive additional email offers and information.See our privacy policy

Thank you for signing up for 'Today's Front Page'

To view and subscribe to any of our other newsletters, please click here.